METAFIN CLEANTECH FINANCE PRIVATE LIMITED
INFORMATION SECURITY MEASURES
We, Metafin Cleantech Finance Private Limited (“Metafin” / “Us” / “We” / “Our”), have made continuous efforts for preventing Our network and systems from cyber threats and cyber incidents. We have accordingly, devised policies and procedures which help Us in implementation of cyber security. This, however, requires coordination and support from all the relevant stakeholders including but not limited to Our employees, partners, vendors and customers.
We take effective measures to prevent cyber-attacks and to promptly detect any cyber intrusions to respond / recover / contain the fall out. Among other things, We take necessary preventive and corrective measures in addressing various types of cyber threats which includes denial of service, distributed denial of services (DDoS), ransom-ware / crypto ware, destructive malware, business email frauds including spam, email phishing, spear phishing, whaling, vishing frauds, drive-by downloads, browser gateway fraud, ghost administrator exploits, identity frauds, memory update frauds and password related frauds.
As mentioned above, We have realised that managing cyber risk requires the commitment of the entire organization to create a cyber-safe environment. This requires a high level of awareness among staff at all levels. Our top management and Board have a fair degree of awareness of the fine nuances of the threats. Further, We also proactively promote, among Our customers, vendors, service providers and other relevant stakeholders an understanding of Our cyber resilience objectives, and ensures appropriate action to support synchronised implementation and testing.
Further, We have implemented multiple lines of defence: (a) Policies in relation to information security; (b) Operational Procedures; (c) KPIs and metrics for measurement implemented procedures; and (d) education and training. We regularly update and improve Our knowledge about Our IT environment and perform periodic risk assessment exercises to identify and mitigate the risks associated with Our IT environment. We further conduct a regular assessment of Our partners and vendors in order to assess Our outsourcing risks and comply with the industry and government standards/regulations.
All material cyber issues or incidents are reported to Our board of directors. It is Our responsibility to make you aware of Our stand on the cyber security front and inform your responsibilities for its successful implementation. It is of utmost importance that due care should be taken while transacting online. Accordingly, We advise you:
to use of “strong” user IDs and passwords that will be hard for a hacker to guess, basic security measures such as security software updates, and the need to be careful where and how to connect to the internet;
to be conscious and careful of “phishing” and “pharming” scams that start with fake emails and websites and end with consumers providing Aadhaar numbers, bank account numbers and other valuable details;
in case you notice any suspicious mails or fraudulent activities from your user account, report it to Us at firstname.lastname@example.org